Can not authorize with scratch code.
liond92 opened this issue · comments
I have configured number digit of GoogleAuthenticatorConfig is 6 and when creating a credential, the scratch codes are 16894571,13596056,71421292,55952635,70416665,17449606
and the secret key is YKCKCEC7K7COQRJC
.
I try to authorize with scratch code but the result is false
iGoogleAuthenticator.authorize(secretCode, code);
Do we authorize OTP code and scratch code same method (authorize())?
Thank you and look forward to your response.
For anyone having the same issue looking at the 1.2.0 manual sadly could not find a 1.4.0 one at time of writing looks like the scratch codes are generated but its down to you to choose how you want to implement the one time password validation
How scratch codes are used, however, is a responsibility of the prover and this library offers no facility to store them or validate them.
FYI @liond92 @eltonkent
Correct: generating scratch codes is a feature that has been provided to emulate what Google was doing at the time, but it's up to the library user to decide how to store a user's scratch codes and validate them.